Management ACL Commands
819 Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide
39
Command Mode
Global Configuration mode
User Guidelines
Use this command to configure a management access list. This command enters
the Management Access-list Configuration mode, where the denied or permitted
access conditions are defined with the deny and permit commands.
If no match criteria are defined, the default value is deny.
When re-entering the access-list context, the new rules are entered at the end of
the access list.
Use the management access-class command to select the active access list.
The active management list cannot be updated or removed.
For IPv6 management traffic that is tunneled in IPv4 packets, the management ACL
is applied first on the external IPv4 header (rules with the service field are
ignored), and then again on the inner IPv6 header.
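The following Python model is an added illustration of the evaluation rules described above (default deny, rules appended at the end, and the two-pass check for IPv6 tunneled in IPv4); it is not Cisco code and not part of the original guide. First-match ordering, the source-prefix field, and all names and addresses are assumptions made for the example.

```python
# Added illustration of management ACL evaluation; not Cisco code.
# Assumption: rules are checked top to bottom and the first match decides.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Rule:
    action: str                      # "permit" or "deny"
    interface: Optional[str] = None  # None matches any interface
    source: Optional[str] = None     # prefix (assumed field); None = any
    service: Optional[str] = None    # e.g. "ssh"; None matches any service

class ManagementAcl:
    def __init__(self):
        self.rules = []

    def add(self, rule):
        self.rules.append(rule)  # new rules always go at the end of the list

    def _check(self, iface, src, service, skip_service_rules=False):
        addr = ip_address(src)
        for r in self.rules:
            if skip_service_rules and r.service is not None:
                continue  # outer IPv4 pass: rules with a service are ignored
            if r.interface is not None and r.interface != iface:
                continue
            if r.source is not None:
                net = ip_network(r.source)
                if addr.version != net.version or addr not in net:
                    continue
            if r.service is not None and r.service != service:
                continue
            return r.action
        return "deny"  # no rule matched: the default is deny

    def decide(self, iface, src, service, outer_ipv4_src=None):
        # Tunneled IPv6: the outer IPv4 header is checked first, then the inner.
        if outer_ipv4_src is not None:
            if self._check(iface, outer_ipv4_src, service, True) == "deny":
                return "deny"
        return self._check(iface, src, service)

def demo():
    # Constructed sample: one service-specific permit on gi11.
    acl = ManagementAcl()
    acl.add(Rule("permit", interface="gi11", service="ssh"))
    native = acl.decide("gi11", "2001:db8::10", "ssh")
    tunneled = acl.decide("gi11", "2001:db8::10", "ssh", "192.0.2.10")
    return native, tunneled  # ("permit", "deny")
```

Under these assumptions, a list whose only permit rules carry a service admits native IPv6 management traffic but denies the same session when it arrives tunneled in IPv4, because the outer-header pass finds no usable rule and falls through to the default deny.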
Examples
Example 1 - The following example creates a management access list called mlist,
configures gi11 and gi19 as management interfaces, and makes the new access list
the active list.
switchxxxxxx(config)# management access-list mlist
switchxxxxxx(config-macl)# permit gi11
switchxxxxxx(config-macl)# permit gi19
switchxxxxxx(config-macl)# exit
switchxxxxxx(config)# management access-class mlist
Example 2 - The following example creates a management access list called
‘mlist’, configures all interfaces to be management interfaces except gi11 and
gi19, and makes the new access list the active list.
switchxxxxxx(config)# management access-list mlist
switchxxxxxx(config-macl)# deny gi11
switchxxxxxx(config-macl)# deny gi19